Threat intelligence API Docs Pricing Solutions Resources Contact us

Threat reports

Read other reports

Phishing Automated through Chatbots, We Found Potentially Connected Domains

There is a new phishing tactic that employs chatbots to automate credential theft and increase the legitimacy of phishing sites. Bleeping Computer1 mentioned only one IoC, a cybersquatting subdomain targeting DHL.

Using TIP, we tried to learn everything possible about the IoC, including its vulnerabilities, connections, and choice of text strings. We then used these details to uncover more potentially suspicious domains. Here are our key findings:

  • The IoC shares its IP address with 11 other domains, and the root domain has another DHL-targeted subdomain.
  • We discovered 10,000+ cybersquatting domains and subdomains targeting DHL, FedEx, UPS, and Royal Mail that contain text strings used in the IoC.
  • More than 500 of these properties have been flagged as malicious.

Download the threat research materials now to access a sample of identified artifacts used to conduct additional enrichment and threat analysis.


  • [1]
Read other reports
To download the full report in PDF, please fill in the form.
I have read and agree to the Terms of Service and Privacy Policy
Please keep me updated on news, events, and offers.

Try our Threat Intelligence API for free

Get FREE trial
Have questions?

We work hard to improve our services for you. As part of that, we welcome your feedback, questions and suggestions. Please let us know your thoughts and feelings, and any way in which you think we can improve our product.

For a quick response, please select the request type that best suits your needs.

Or shoot us an email to

Threat Intelligence Platform uses cookies to provide you with the best user experience on our website. They also help us understand how our site is being used. Find out more here. By continuing to use our site you consent to the use of cookies.